
Hands-On Ethical Hacking and Network Defense, 3rd...

Date post: 24-May-2020
Hands-On Ethical Hacking and Network Defense, 3rd Edition Chapter 1 Ethical Hacking Overview
Transcript

Hands-On Ethical Hacking and Network Defense, 3rd Edition

Chapter 1

Ethical Hacking Overview

© Cengage Learning 2017

Objectives

After completing this chapter, you will be able to:

• Describe the role of an ethical hacker
• Describe what you can do legally as an ethical hacker
• Describe what you can’t do as an ethical hacker


Introduction to Ethical Hacking

• Ethical hackers
  – Hired by companies to perform penetration tests
• Penetration test
  – Attempt to break into a company’s network to find the weakest link
• Vulnerability assessment
  – Tester attempts to enumerate all vulnerabilities found in an application or on a system
• Security test
  – Besides a break-in attempt, includes analyzing company’s security policy and procedures


The Role of Security and Penetration Testers

• Hackers
  – Access computer system or network without authorization
    • Breaks the law; can go to prison
• Crackers
  – Break into systems to steal or destroy data
    • U.S. Department of Justice calls both hackers
• Ethical hacker
  – Performs most of the same activities with owner’s permission


The Role of Security and Penetration Testers

• Script kiddies or packet monkeys
  – Younger, inexperienced hackers who copy codes from knowledgeable hackers
• Programming languages used by experienced penetration testers
  – Python, Ruby, Practical Extraction and Report Language (Perl), C language
• Script
  – Set of instructions
  – Runs in sequence to perform tasks


The Role of Security and Penetration Testers

• Hacktivist
  – A person who hacks computer systems for political or social reasons
• Penetration testers usually have:
  – A laptop computer with multiple OSs and hacking tools


The Role of Security and Penetration Testers

• Job requirements for a penetration tester might include:
  – Perform vulnerability, attack, and penetration assessments in Intranet and wireless environments
  – Perform discovery and scanning for open ports
  – Apply appropriate exploits to gain access
  – Participate in activities involving application penetration
  – Produce reports documenting discoveries
  – Debrief with the client at the conclusion


Penetration-Testing Methodologies

• White box model
  – Tester is told about network topology and technology
    • May be given a floor plan
  – Tester is permitted to interview IT personnel and company employees
    • Makes tester’s job a little easier
• Black box model
  – Staff does not know about the test
  – Tester is not given details about technologies used
    • Burden is on tester to find details
  – Tests security personnel’s ability to detect an attack


Penetration-Testing Methodologies


Figure 1-1 A sample floor plan


Penetration-Testing Methodologies

• Gray box model
  – Hybrid of the white and black box models
  – Company gives tester partial information (e.g., OSs are used, but no network diagrams)


Certification Programs for Network Security Personnel

• Certification programs
  – Available in almost every area of network security
• Minimum certification
  – CompTIA Security+ or equivalent knowledge
    • Prerequisite for Security+ certification is CompTIA Network+


Offensive Security Certified Professional

• OSCP
  – An advanced certification that requires students to demonstrate hands-on abilities to earn their certificates
  – Covers network and application exploits
  – Gives students experience in developing rudimentary buffer overflows, writing scripts to collect and manipulate data, and trying exploits on vulnerable systems


Certified Ethical Hacker

• Developed by the International Council of Electronic Commerce Consultants (EC-Council)
  – Based on 22 domains (subject areas)
  – Web site: www.eccouncil.org
• Most likely be placed on a team that conducts penetration tests
  – Called a Red team
    • Conducts penetration tests
    • Composed of people with varied skills
    • Unlikely that one person will perform all tests


OSSTMM Professional Security Tester (OPST)

• Open Source Security Testing Methodology Manual (OSSTMM) Professional Security Tester
  – Designated by the Institute for Security and Open Methodologies (ISECOM)
  – Based on Open Source Security Testing Methodology Manual (OSSTMM)
    • Written by Peter Herzog
  – Five main topics (i.e., professional, enumeration, assessments, application, and verification)
  – Web site: www.isecom.org


Certified Information Systems Security Professional

• CISSP
  – Issued by the International Information Systems Security Certification Consortium (ISC2)
  – Not geared toward technical IT professionals
  – Tests security-related managerial skills
    • Usually more concerned with policies and procedures
  – Consists of ten domains
  – Web site: www.isc2.org


SANS Institute

• SysAdmin, Audit, Network, Security (SANS) Institute
  – Offers training and IT security certifications through Global Information Assurance Certification (GIAC)
• Top 25 Software Errors list
  – One of the most popular SANS Institute documents
  – Details most common network exploits
  – Suggests ways of correcting vulnerabilities
  – Web site: www.sans.org


Which Certification is Best?

• Penetration testers and security testers
  – Need technical skills to perform duties effectively
  – Must also have:
    • A good understanding of networks and the role of management in an organization
    • Skills in writing and verbal communication
    • Desire to continue learning
• Danger of certification exams
  – Some participants simply memorize terminology
    • Don’t have a good grasp of subject matter


What Can You Do Legally

• Laws involving technology change as rapidly as technology itself
  – Keep abreast of what’s happening in your area
• Find out what is legal for you locally
  – Be aware of what is allowed and what you should not or cannot do
• Laws vary from state to state and country to country
  – Example: In some states, the possession of lockpicking tools constitutes a crime


Laws of the Land

• Some hacking tools on your computer might be illegal
  – Contact local law enforcement agencies before installing hacking tools
• Laws are written to protect society
  – Written words are open to interpretation
  – Example: In Hawaii, the state must prove the person charged had the “intent to commit a crime”
• Government is getting more serious about cybercrime punishment


Laws of the Land


Table 1-1 An overview of recent hacking cases (continues)


Laws of the Land


Table 1-1 An overview of recent hacking cases (cont’d)


Is Port Scanning Legal?

• Some states consider it legal
  – Not always the case
  – Be prudent before using penetration-testing tools
• Federal government does not see it as a violation
  – Allows each state to address it separately
• Research state laws
• Read your ISP’s “Acceptable Use Policy”


Is Port Scanning Legal?


Figure 1-2 An example of an acceptable use policy


Is Port Scanning Legal?

• IRC “bot”
  – Program that sends automatic responses to users
  – Gives the appearance of a person being present
• Some ISPs may prohibit the use of IRC bots


Federal Laws


What You Cannot Do Legally

• Illegal actions:
  – Accessing a computer without permission
  – Destroying data without permission
  – Copying information without permission
  – Installing viruses that deny users access to network resources
• Be careful your actions do not prevent client’s employees from doing their jobs


Get It In Writing

• Using a contract is good business
  – May be useful in court
• Books on working as an independent contractor
  – Getting Started as an Independent Computer Consultant by Mitch Paioff and Melanie Mulhall
  – The Consulting Bible: Everything You Need to Know to Create and Expand a Seven-Figure Consulting Practice by Alan Weiss
• Internet can also be a helpful resource
  – Free modifiable templates
• Have an attorney read your contract before signing


Ethical Hacking in a Nutshell

• Skills needed to be a security tester
  – Knowledge of network and computer technology
  – Ability to communicate with management and IT personnel
  – An understanding of the laws in your location
  – Ability to apply necessary tools to perform your tasks


Summary

• Companies hire ethical hackers to perform penetration tests
  – Penetration tests discover vulnerabilities in a network
  – Security tests are performed by a team of people with varied skills
• Penetration test models
  – White box model
  – Black box model
  – Gray box model


Summary

• Security testers can earn certifications
  – CEH
  – CISSP
  – OPST
• As a security tester, be aware
  – What you are legally allowed or not allowed to do
• ISPs may have an acceptable use policy
  – May limit ability to use tools


Summary

• Laws should be understood before conducting a security test
  – Federal laws
  – State laws
• Get it in writing
  – Use a contract
  – Have an attorney read the contract
• Understand tools available to conduct security tests
  – Learning how to use them should be a focused and methodical process
